Entries filed under 'Ian Ahl'

Threat Research Blog

The FireEye Labs team posts blog entries under threat research to
present and discuss cyber attacks and threat intelligence from a
technical perspective. They cover the full spectrum of exploits and
vulnerabilities, including advanced malware and targeted threats.

Part II in a two-part series. Read Part I.

Introduction

In Part I of this series, I described China Chopper's easy-to-use interface and advanced features — all the more remarkable considering the Web shell's tiny size: 73 bytes for the aspx version, 4 kilobytes on disk. In this post, I'll explain China Chopper's platform versatility, delivery mechanisms, traffic patterns, and detection. My hope is that armed with this information, you can eradicate this pest from your Read more...

Part I in a two-part series.

China Chopper: The Little Malware That Could

China Chopper is a slick little web shell that does not get enough exposure and credit for its stealth. Other than a good blog post from security researcher Keith Tyler, we could find little useful information on China Chopper when we ran across it during an incident response engagement. So to contribute something new to the public knowledge base — especially for Read more...